Ngioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT Devices
The malware known as Ngioweb has been used to fuel a notorious residential proxy service called NSOCKS, as well as by other services such as…
Category: TheHackerNews
Why Privileged Access Security Must Be a Top Priority
Nov 19, 2024The Hacker NewsInsider Threat / Credential Security Privileged accounts are well-known gateways for potential security threats. However, many organizations focus solely on managing…
New ‘Helldown’ Ransomware Variant Expands Attacks to VMware and Linux Systems
Cybersecurity researchers have shed light on a Linux variant of a relatively new ransomware strain called Helldown, suggesting that the threat actors are broadening their…
Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign
U.S. telecoms giant T-Mobile has confirmed that it was also among the companies that were targeted by Chinese threat actors to gain access to valuable…
Active Exploitation of VMware vCenter and Kemp LoadMaster Flaws
Nov 19, 2024Ravie LakshmananVulnerability / Data Security Now-patched security flaws impacting Progress Kemp LoadMaster and VMware vCenter Server have come under active exploitation in the…
The Problem of Permissions and Non-Human Identities
According to research from GitGuardian and CyberArk, 79% of IT decision-makers reported having experienced a secrets leak, up from 75% in the previous year’s report.…
New Stealthy BabbleLoader Malware Spotted Delivering WhiteSnake and Meduza Stealers
Nov 18, 2024Ravie LakshmananThreat Intelligence / Ransomware Cybersecurity researchers have shed light on a new stealthy malware loader called BabbleLoader that has been observed in…
The Problem of Permissions and Non-Human Identities
According to research from GitGuardian and CyberArk, 79% of IT decision-makers reported having experienced a secrets leak, up from 75% in the previous year’s report.…
Fake Discount Sites Exploit Black Friday to Hijack Shopper Information
A new phishing campaign is targeting e-commerce shoppers in Europe and the United States with bogus pages that mimic legitimate brands with the goal of…
NSO Group Exploited WhatsApp to Install Pegasus Spyware Even After Meta’s Lawsuit
Nov 18, 2024Ravie LakshmananMobile Security / Spyware Legal documents released as part of an ongoing legal tussle between Meta’s WhatsApp and NSO Group have revealed…
Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites
Nov 18, 2024Ravie LakshmananVulnerability / Website Security A critical authentication bypass vulnerability has been disclosed in the Really Simple Security (formerly Really Simple SSL) plugin…
PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs Released
Nov 16, 2024Ravie LakshmananVulnerability / Network Security Palo Alto Networks has released new indicators of compromise (IoCs) a day after the network security vendor confirmed…